package com.sean.security.config;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                .antMatchers("/r/**").authenticated()  // 必须认证通过
                .antMatchers("/r/r1").hasAuthority("p1")    // 权限 1
                .antMatchers("r/r2").hasAuthority("p2")     // 权限 2
                .anyRequest().permitAll(); // 其他放行
    }
}
